CVE-2025-8464
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7guestuserid cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the...